summaryrefslogtreecommitdiff
path: root/src/openvpn/ssl_verify.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/openvpn/ssl_verify.h')
-rw-r--r--src/openvpn/ssl_verify.h19
1 files changed, 9 insertions, 10 deletions
diff --git a/src/openvpn/ssl_verify.h b/src/openvpn/ssl_verify.h
index 3e2267a..b1ced95 100644
--- a/src/openvpn/ssl_verify.h
+++ b/src/openvpn/ssl_verify.h
@@ -29,8 +29,6 @@
#ifndef SSL_VERIFY_H_
#define SSL_VERIFY_H_
-#ifdef ENABLE_CRYPTO
-
#include "syshead.h"
#include "misc.h"
#include "ssl_common.h"
@@ -226,23 +224,24 @@ struct x509_track
#ifdef MANAGEMENT_DEF_AUTH
bool tls_authenticate_key(struct tls_multi *multi, const unsigned int mda_key_id, const bool auth, const char *client_reason);
-void man_def_auth_set_client_reason(struct tls_multi *multi, const char *client_reason);
-
#endif
+/**
+ * Sets the reason why authentication of a client failed. This be will send to the client
+ * when the AUTH_FAILED message is sent
+ * An example would be "SESSION: Token expired"
+ * @param multi The multi tls struct
+ * @param client_reason The string to send to the client as part of AUTH_FAILED
+ */
+void auth_set_client_reason(struct tls_multi *multi, const char *client_reason);
+
static inline const char *
tls_client_reason(struct tls_multi *multi)
{
-#ifdef ENABLE_DEF_AUTH
return multi->client_reason;
-#else
- return NULL;
-#endif
}
/** Remove any X509_ env variables from env_set es */
void tls_x509_clear_env(struct env_set *es);
-#endif /* ENABLE_CRYPTO */
-
#endif /* SSL_VERIFY_H_ */